Cloudflare Gateway 


Keep users and data safe from threats on the Internet - 
no backhauling required 


CLOUDFLARE 


How do you stop sensitive data from leaving your organization? Traditional approaches to securing employee Internet 
traffic have relied on network appliances that backhaul traffic from branch offices to a centralized corporate security 
boundary. Learn how Cloudflare Gateway utilizes Cloudflare’s powerful global network to inspect and secure every 
connection from every device to every destination on the Internet without sacrificing performance. 


Features 


Block access to potentially 
risky sites at the domain 
or URL level with our 
massive corpus of threat 
intelligence, which 
includes 100+ categories 
of pre-built lists to help 
you easily block access to 
malicious or risky sites. 


Jata In and Out OF your 
Implement data loss 
prevention (DLP) with file 
type controls that can stop 
users from uploading files 
to sites. Prevent malicious 
downloads by blocking 
users from downloading 
specific types of files. 


Saas application control 
Discover unapproved 

use of SaaS applications 
and use Gateway’s policy 
engine to block access to 
non-approved apps. 


Integrate user identities 
and roles into Cloudflare 
Gateway to limit access to 
specific subdomains and 
functions of enterprise 
SaaS applications. 


Monitor traffic across 


Gateway’s logs provide 
visibility into your Internet 
and web traffic — across 
all users, devices, and 
locations. 


You can export Gateway’s 
logs into your SIEM or 
cloud storage platform 

of choice. 
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How it works 


Legacy approach 


Teams need to connect to the Internet to do their work. 
Legacy approaches attempted to force that Internet 
traffic through hardware that could not scale and only 
slowed down users. 
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With Cloudflare Gateway 


Cloudflare Gateway replaces outdated boxes with 
Cloudflare’s global network. Instead of backhauling 
traffic, users connect to one of Cloudflare’s data 
centers in 200 cities around the world, where 
Cloudflare applies security policies and filtering. 
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The Cloudflare Difference 


Only Cloudflare has the scale and experience to handle 
security and protection for every request. 


e Threat intelligence from protecting more than 25 
million web properties 


e Security powered by 1.1.1.1, the world’s fastest DNS 
resolver 


e Network presence in more than 200 cities in more 
than 100 countries 


“Algolia is growing pretty fast. 
We needed a way to have 
visibility across our corporate 
network without slowing things 
down for our employees. 
Gateway gave us a simple way 
to do that.” 


Adam Surak 
Director of Infrastructure & Security 
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Gateway Features 


A Reduce risk 


A Secure connectivity 


Recursive DNS Filters v Client-based encrypted 
shee eeaeiaa connections to the Internet Win, Mac, iOS, Android 
aldation ¥ (WARP client) 
Layer 4 Firewall Filters v Private connections for 
Layer 7 Proxy Filters y self-hosted applications to v 
Cloudflare (Argo Tunnel) 
Antivirus | ti {v : 
ee Network-level security 50 
CASB-lite {v for physical locations 
Remote Browser Isolation Add on (natively-integrated) Editable IP network locations {v 
Increase visibility © Simple interoperability 
Activity log retention 30 days DNS over HTTPS mode 
Application groups for 2 DNS over TLS mode 
ShadowlT visibility 
i Management dashboard 
Identity-based country, state, 2 
and device detail views Export logs to cloud storage ¥ 
or SIEM providers 
Push logs to cloud storage v 
or SIEMs Endpoint and mobility 5 
management integrations 
Split-tunneling for local % 
Consistent policy or VPN connectivity 
13 security categories including Client self-enrollment for 7 
phishing and malware via machine v unmanaged devices 
learning and intelligence feeds Hybrid deployment y 
Malware Domain Generation % 
Algorithm (DGA) protection 
Newly Seen/ 2 J No performance sacrifices 
Newly Registered Domains 
Uptime SLA 100% 
DNS Tunneling protection v 
- Fastest, global edge network J 
Content categories (100+) y (200+ PoPs) 
for acceptable use policies - 
Fastest, global policy updates m 
Custom block, allow, or ¥ (<5 seconds) 
decryption bypass lists ; - - 
Fastest, intelligent IP routing 
Identity provider integration e (<100ms) “ 
for ID and group-based rules F 
Fastest, private DNS resolver y 
Granular HTTP and URL rules (7-31ms) 
File type controls Fastest, secure remote browser 
: : : (2x speed of others) Addon 
Device posture using third-party 4 
integrations and Cloudflare 
CSV-based bulk import for lists v 


Ready to learn more? Visit cloudflare.com/teams-gateway to try Gateway today. 
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